The Philippines saw cyberattacks coming in once every second in 2023, and cybersecurity firm Kaspersky believes the situation will continue to worsen this year.

Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, revealed that last year Kaspersky’s detection systems blocked 26,164,698 web attacks, or nearly 72,000 per day, and 22,731,157 local infection attempts, or more than 62,000 daily, against its users in the Philippines.

This, he said, translates to about one attack per second.

“I don’t have a crystal ball. But what we have observed over the last years, is that it has grown and sort of tapered down. But what we also observe is the quality of attacks has gone up,” Yeo said in a press briefing on Tuesday.

With this, Yeo said Kaspersky is now focusing on observing both the quality and the quantity of attacks.

“The short answer is yes, we expect it to be more punchy,” he replied, when asked if the attacks will worsen in 2024.

In Kaspersky’s 2024 threat forecast for the Southeast Asian region, which includes the Philippines, experts predict that financial service outages, DDoS attacks, and website defacements will persist.

To protect the country’s digital infrastructure, Kaspersky is highlighting the urgent need for organizations and individuals to prioritize robust cybersecurity strategies.

Yeo explained that enterprises operating in tightly regulated sectors within the Philippines—including public utilities, financial services, and health care—face the critical imperative of maintaining compliance while safeguarding vast volumes of sensitive client data.

Staying ahead of dynamic cyberthreats is paramount for these entities, ensuring not only regulatory adherence but also the robust protection of invaluable client information.

Hence, Kaspersky introduced on Tuesday the Kaspersky Unified Monitoring and Analysis Platform (KUMA), a native security information and event management (SIEM) solution.

“Threat actors increasingly use diverse tactics to launch sophisticated targeted attacks. Therefore, it is essential to use a platform that can provide a centralized view of security events in quickly identifying and responding to potential threats such as the Security Information and Event Management System. A SIEM is commonly used for compliance support with internal security policies and external regulatory requirements,” Kaspersky Head of Systems Engineering for Southeast Asia Victor Chu said.

At its core, KUMA comprises essential components that seamlessly work in tandem: Collectors, Correlator, Core, and Storage.

Collectors, the first line of defense, receive and process messages from event sources. Their tasks include parsing, normalization, and optional filtering and aggregation to ensure comprehensive data handling.

The Correlator takes the reins by analyzing normalized events from Collectors. It executes actions based on active lists, creating alerts in strict adherence to predefined correlation rules. This ensures a proactive response to potential threats, minimizing vulnerabilities.

KUMA’s Core introduces a user-friendly graphical interface, providing administrators with an efficient means to monitor and manage the settings of the system components. This simplifies the complex task of overseeing cybersecurity measures.

Storage acts as the repository for normalized events and registered incidents. This centralized hub ensures that data is not only efficiently managed but readily available for analysis and response.

KUMA boasts several advantages including high performance, with each instance handling over 300,000 Events Per Second (EPS).

Furthermore, it operates seamlessly in both virtual and physical environments, supporting up to 10k EPS All-in-One on a single virtual server. This scalability ensures that businesses can adapt to their evolving needs without compromising on efficiency.

With these features, Yeo said Kaspersky aims to serve “prime targets” in industries including healthcare, finance, and data aggregators such as digital platforms.






